[PATCH weston] weston-launch: Let the user use her real shell

Quentin Glidic sardemff7+wayland at sardemff7.net
Mon Jan 27 21:34:51 PST 2014


Hi,

On 24/01/2014 08:33, David Herrmann wrote:
> weston-launch passes privileged FDs back to weston. I don't think we
> should allow a user to use their own shell to spawn weston. How can
> you guarantee the shell does not point to some random binary of the
> user? This way, they can get access to arbitrary input FDs,
> circumventing the access-mode restrictions on the device-nodes.

From "man chsh":
“The only restriction placed on the login shell is that the command name 
must be listed in /etc/shells, unless the invoker is the superuser, and 
then any value may be added.”

So unless they have root access (= full access anyway), the user cannot use a 
random binary, only system-approved ones.

Thanks,

-- 

Quentin “Sardem FF7” Glidic
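
The /etc/shells rule quoted from chsh(1) in the message above can also be applied by a privileged launcher at the moment it reads the user's shell, instead of relying on the passwd entry having been set through chsh. This is an added example, not code from weston-launch, the patch, or this thread; `shell_is_listed` and the sample file text are hypothetical and constructed, and on a real system the text would come from /etc/shells (or the entries from getusershell(3)).

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample of /etc/shells content (not taken from any real host). */
static const char SAMPLE_SHELLS[] =
    "# /etc/shells: valid login shells\n"
    "/bin/sh\n"
    "\n"
    "/bin/bash\n"
    "  /usr/bin/zsh  \n";

/* Hypothetical helper: true only if `shell` is an absolute path that
 * matches one full line of `shells_text` (the text of /etc/shells).
 * Comment and blank lines are skipped; surrounding blanks are trimmed. */
bool shell_is_listed(const char *shells_text, const char *shell)
{
    if (shell == NULL || shell[0] != '/')
        return false;                     /* unset or relative: reject */
    size_t want = strlen(shell);
    const char *p = shells_text;
    while (*p != '\0') {
        const char *eol = strchr(p, '\n');
        const char *end = eol ? eol : p + strlen(p);
        const char *s = p;
        while (s < end && (*s == ' ' || *s == '\t'))
            s++;                          /* trim leading blanks */
        const char *e = end;
        while (e > s && (e[-1] == ' ' || e[-1] == '\t' || e[-1] == '\r'))
            e--;                          /* trim trailing blanks */
        if (s < e && *s != '#' &&
            (size_t)(e - s) == want && memcmp(s, shell, want) == 0)
            return true;                  /* exact whole-line match */
        p = eol ? eol + 1 : end;
    }
    return false;
}

int main(void)
{
    const char *candidates[] = { "/bin/bash", "/usr/bin/zsh", "/bin/ba",
                                 "/home/user/bin/fake-shell", "bash" };
    for (size_t i = 0; i < sizeof candidates / sizeof *candidates; i++)
        printf("%-28s %s\n", candidates[i],
               shell_is_listed(SAMPLE_SHELLS, candidates[i]) ? "listed" : "rejected");
    return 0;
}
```

A launcher using such a check would fall back to a fixed shell such as /bin/sh when it returns false.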

